File:Intrusion Kill Chain - v2.png
Original file (950 × 681 pixels, file size: 158 KB, MIME type: image/png)
Captions
Understanding the graphic
[edit]Computer scientists at Lockheed-Martin corporation described in 2011 the usage of a new "intrusion kill chain" framework or model to defend computer networks.[1] They wrote that attacks may occur in stages and can be disrupted through controls established at each stage. The kill chain can also be used as a management tool to help continuously improve network defense. Threats must progress through seven stages in the model:
- Reconnaissance: Intruder selects target, researches it, and attempts to identify vulnerabilities in the target network.
- Weaponization: Intruder creates remote access malware weapon, such as a virus or worm, tailored to one or more vulnerabilities.
- Delivery: Intruder transmits weapon to target (e.g., via e-mail attachments, websites or USB drives)
- Exploitation: Malware weapon's program code triggers, which takes action on target network to exploit vulnerability.
- Installation: Malware weapon installs access point (e.g., "backdoor") usable by intruder.
- Command and Control: Malware enables intruder to have "hands on the keyboard" persistent access to target network.
- Actions on Objective: Intruder takes action to achieve their goals, such as data exfiltration, data destruction, or encryption for ransom.
A U.S. Senate investigation of the 2013 Target Corporation data breach included analysis based on the Lockheed-Martin kill chain framework. It identified several stages where controls did not prevent or detect progression of the attack.[2]
References
[edit]- ↑ Lockheed-Martin Corporation-Hutchins, Cloppert, and Amin-Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains-2011
- ↑ U.S. Senate-Committee on Commerce, Science, and Transportation-A "Kill Chain" Analysis of the 2013 Target Data Breach-March 26, 2014
Summary
[edit]DescriptionIntrusion Kill Chain - v2.png |
English: Intrusion kill chain for information security |
Date | |
Source | http://www.public.navy.mil/spawar/Press/Documents/Publications/03.26.15_USSenate.pdf |
Author | U.S. Senate Committee on Commerce, Science, and Transportation |
Licensing
[edit]Public domainPublic domainfalsefalse |
This file is a work of a sailor or employee of the U.S. Navy, taken or made as part of that person's official duties. As a work of the U.S. federal government, it is in the public domain in the United States.
|
||
This file has been identified as being free of known restrictions under copyright law, including all related and neighboring rights. |
https://creativecommons.org/publicdomain/mark/1.0/PDMCreative Commons Public Domain Mark 1.0falsefalse
File history
Click on a date/time to view the file as it appeared at that time.
Date/Time | Thumbnail | Dimensions | User | Comment | |
---|---|---|---|---|---|
current | 17:24, 30 June 2016 | 950 × 681 (158 KB) | Farcaster (talk | contribs) | User created page with UploadWizard |
You cannot overwrite this file.
File usage on Commons
There are no pages that use this file.
File usage on other wikis
The following other wikis use this file:
- Usage on ar.wikipedia.org
- Usage on az.wikipedia.org
- Usage on en.wikipedia.org
- Usage on fa.wikipedia.org
- Usage on fr.wikipedia.org
- Usage on ja.wikipedia.org
- Usage on sl.wikipedia.org
- Usage on uk.wikipedia.org
Metadata
This file contains additional information such as Exif metadata which may have been added by the digital camera, scanner, or software program used to create or digitize it. If the file has been modified from its original state, some details such as the timestamp may not fully reflect those of the original file. The timestamp is only as accurate as the clock in the camera, and it may be completely wrong.
Horizontal resolution | 47.24 dpc |
---|---|
Vertical resolution | 47.24 dpc |